Is it possible to somehow encrypt the data with an API key between react.js and laravel?

I

Ivan Huk2020-04-21 00:54:27

API

Ivan Huk, 2020-04-21 00:54:27

There is a site on laravel + react.js. It fully works on ajax requests.
the front is going to webpack;
Is there any way to encrypt the data with a key?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

A

Alexander Aksentiev, 2020-04-21
@Sanasol

It is possible, and with the same success it will be possible to decrypt in the browser if that.

X

xmoonlight, 2020-04-21
@xmoonlight

Two options:
1. Protection against wiretapping: the session is encrypted in advance (mail, sms) and the key to work with data, tied to the session key , is transmitted along with this data, encrypted with the same key.
2. Protection against the use of stored data by the owner of the storage (service): The key is stored locally by the content creator user. The server only stores encrypted data and does not know what is in it.

V

Vyacheslav Plisko, 2020-04-22
@AmdY

Yes, it's not a problem. For what purpose.
First of all, you need to use https - this will generally protect traffic to the site from sniffers.
You can encrypt on the server using some aes or any other algorithm, encrypt the response on the server, and decrypt it in js on the client. That's just the key in the browser can be obtained by having access to it, so it won't work at all.